KnowBe4 Code of Conduct

    Last Updated: February 14, 2023

    Message from Stu Sjouwerman, CEO
    Stu Sjouwerman, CEOWe pride ourselves on our culture and our reputation. When it comes to our ethics, we do not allow the bottom-line to shift our decision making and consider the greater good for all parties. As both a leader and a pioneer in an industry that helps organizations secure their networks, we know that assets come in all shapes and sizes, whether it be personal information, financial information, or national security.

    We develop and provide the tools that help organizations fight against cybercrime and enable their employees to make smarter security decisions, every day. Your trust is essential to our business. This Code of Ethical Business Conduct serves to encompass our commitment to ensuring compliance and ethical behavior in all that we do.

    Stu Sjouwerman, CEO

     

    Knowsters take pride in fostering a culture that encourages high ethical standards of business conduct. We are committed to carrying out our business in a legal, ethical, transparent, and socially responsible manner. As a company with global operations, ensuring compliance with all applicable laws in all countries in which we conduct business, promoting honest conduct and creating a positive environment for our employees is a top priority. Gaining the trust of our customers, vendors, employees and the community starts with a culture based on these fundamental values. This Code of Ethical Business Conduct (“Code”) applies to all employees, officers and directors as well as contractors, consultants and agents. This Code should be read in conjunction with other Company policies.

    Purpose

    We are committed to deterring wrongdoing and promoting:

    • Fair and accurate financial reporting;
    • Compliance with applicable laws, rules and regulations including, without limitation, full, fair, accurate, timely and understandable disclosure in reports and documents KnowBe4 files with, or submits to, government agencies and in KnowBe4’s other public communications;
    • The prompt internal reporting of violations of this Code as set forth in this Code;
    • Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest; and
    • A culture of honesty and accountability

    This Code serves as a guide, and KnowBe4 expects everyone to use good judgment and adhere to the high ethical standards to which KnowBe4 is committed.

    We have read the policies set forth in this Code and have ensured we understand and comply with them.

    1. We Follow the Law
     

    We comply with the laws, regulations, rules, controls, and orders applicable to our business in all jurisdictions in which we conduct business including, but not limited to, the following:

    • Bribery and corruption
    • Insider Trading
    • Fair competition
    • Trade controls and money laundering Charitable and political contributions Data privacy and information security Conflicts of interest
    • Fair dealings

    Bribery and Improper Advantages

    We conduct all our business with integrity and transparency. We strictly prohibit all forms of bribery and corruption, regardless of whether they involve a public official or private person. We are truthful in our business interactions and do not tolerate the promise, acceptance, or offering of bribes, kickbacks and all other means of obtaining an undue or improper advantage, such as gifts, payments, fees, services, discounts, valued privileges or other favors where these would, or might appear to, improperly influence a business transaction.

    No matter where we are located, we comply with all elements of the KnowBe4 Anti-Corruption and Gifts, Meals & Entertainment Policies.

    We do not tolerate any form of extortion or embezzlement. We believe in fair business dealings and do not partake in unfair business advantages through the abuse of privileged information, misrepresentation of material facts, or any other unfair or dishonest practices.

    Gifts, Meals & Entertainment

    We must not accept or provide any gift, meal or entertainment if it will obligate, or appear to obligate, the recipient. Any gifts and entertainment given or received must be in compliance with our Gifts, Meals & Entertainment Policy. Everyone must exercise good judgment, discretion, and moderation when giving or accepting gifts or entertainment in business settings. In general, providing promotional items or small tokens, occasional non-excessive meals or other non-cash items of minimal value is permitted.

    There are more stringent rules concerning gifts and entertainment provided to government officials. Offering anything of value to a government official is, in many cases, prohibited by law.

    Insider Trading

    If during the course of your employment at KnowBe4 you become aware of material nonpublic information about other companies, such as our partners, suppliers or customers, you may not trade the securities of such companies. Material nonpublic information is any information that is not public and a reasonable investor would consider important in a decision to buy, sell or hold company stock. It includes any information that could reasonably be expected to cause a change in the price of securities. Knowsters are also prohibited from disclosing this type of information to others who may trade in securities based on the information. It is our responsibility to comply with these laws and not share material nonpublic information.

    Fair Competition

    We support free and fair competition, and comply with antitrust/competition laws applicable to our business activities in all jurisdictions in which we operate. Accordingly, we do not unlawfully: (i) enter into any agreement with any of our competitors with regard to price, terms or conditions of sale, production, distribution, territories, customers or employee wages; or (ii) exchange or discuss with any of our competitors pricing, marketing plans, manufacturing costs, or other competitive information, amongst other measures required by applicable law. We deal with channel partners, customers and suppliers fairly and in a manner that best advances the competitiveness of KnowBe4’s products and services.

    KnowBe4 is dedicated to complying with the numerous laws that govern competition. Any activity that undermines this commitment is unacceptable. The laws governing this area are complex, and employees should reach out to the Legal Department before taking any action that may implicate these laws whenever appropriate.

    Trade Controls and Anti-Money Laundering

    We comply with the various economic sanctions programs, anti-money laundering and export control requirements administered by the United States and other jurisdictions where we conduct business. Such laws prohibit KnowBe4 from participating in certain transactions involving restricted countries or parties, be it directly, or indirectly through third parties. We refrain from transactions recognized as not being permissible by KnowBe4’s Export Control and Economic Sanctions & Anti-Money Laundering policies.

    We do not provide, sell or transfer any products, services, technology, software or technical data to, or otherwise engage in business with, any of the following:

    • Parties targeted for boycotts, embargoes, sanctions, or other similar measures by the United Nations Security Council;
    • Parties appearing on the European Union’s Consolidated Sanctions List;
    • Parties appearing on the United Kingdom’s List of Consolidated Financial Sanctions Targets;
    • Parties appearing on the Denied Persons List, Entity List, and Unverified List administered by the U.S. Commerce Department;
    • Parties appearing on the sanctions lists administered by the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) and the U.S. State Department;
    • Countries or regions subject to U.S. embargoes or sanctions including, but not limited to, Cuba, Iran, North Korea, Syria, and the Donetsk, Luhansk and Crimea regions; or
    • Parties that are at least 50% owned or controlled by parties subject to sanctions programs administered by OFAC, whether individually or in the aggregate.

    We do not tolerate or engage in activity that directly or indirectly contributes to the Arab League Boycott or other unsanctioned boycotts during the course of business dealings.

    We will comply with all applicable trade controls and must not cause KnowBe4 to be in violation of those laws. If we become aware of any information suggesting that KnowBe4 has or may in the future engage in a transaction that could violate applicable economic sanctions, we will report this information immediately.

    We comply with our obligations under Anti-Money laundering (AML) laws and regulations, specifically the risks associated with third parties. Knowsters who suspect an activity or arrangement is indicative of money laundering should report it immediately. Such suspicions may not be informed to any other party, including the third party in question, as doing so could be a violation of AML laws.

    Charitable and Political Contributions

    We do not solicit third parties for charitable donations as a suggestion that such charitable donations may affect their business or future with us, and we comply with U.S. federal law that prohibits us from making contributions or expenditures in connection with federal elections. As each U.S. state has additional laws, rules, and regulations governing political contributions in state and local elections, we comply with the laws in the jurisdiction(s) in which we do business. These state and local laws may or may not allow corporate contributions to candidates for state and local office. As the application of these laws may vary from one location to the next, it is our usual practice not to make political contributions or use any of our funds, assets, or other resources to benefit any political candidates, parties, or related organizations. This includes campaign committees and Political Action Committees (“PACs”) using separate, segregated funds, as well as special interest groups or other organizations engaged in political fundraising or lobbying activities, including those organized under Section 527 of the U.S. Internal Revenue Code (“527 Organizations”).

    Additionally, we follow the laws, regulations, and orders applicable to the jurisdictions outside of the U.S. where we conduct business that prohibit similar activities.

    We encourage Knowsters to take an active interest in the political process. However, we do not conduct political activities on company time or use company facilities, equipment or supplies in carrying out such activities.

    We Take Data Privacy Seriously

    We pride ourselves on our security and data handling practices. Keeping our customer data secure is the most important thing KnowBe4 does. We go to considerable lengths to ensure that all data provided to KnowBe4 is done so securely. Keeping KnowBe4 systems and personal data secure is fundamental to our business.

    Information related to an identified or identifiable person is collected and processed in compliance with applicable data privacy laws. Knowsters with access to such personal data apply the privacy principles of lawful, fair and transparent data processing, respecting any purpose limitations, as well as the principles of data minimization, accuracy, storage limitation, integrity and confidentiality.

    KnowBe4 restricts access to customer and confidential data on a business need to know basis. Access is granted based on role within the organization. KnowBe4 enforces mandatory multi-factor authentication for all access to confidential data. Where applicable, access to systems is restricted by IP address.

    We take significant efforts to protect data and confidential information against unauthorized use, modification, loss, compromise, destruction, or disclosure of, or access to, such data (“Security Incident”). We have implemented measures, policies and procedures intended for the detection and response to Security Incidents. Such measures take into consideration the nature, scope, context, and purposes of KnowBe4’s data handling policies, practices and procedures.

    For more information about our data protection and security practices, see the links below (or other such links that we may provide from time to time on our website - www.knowbe4.com).

    https://www.knowbe4.com/privacy-policy

    https://www.knowbe4.com/security

    Conflicts of Interest

    We will declare potential conflicts of interest. We avoid situations where personal interests may interfere with the business interests of KnowBe4. We act in the best interest of KnowBe4 and do not allow outside interests to interfere with our obligations to KnowBe4. Perception matters: we must not only avoid actual and potential conflicts of interest, but also situations where an outsider might assume a conflict. Examples of conflicts of interest may include: transactions with family members, interests in other businesses, gifts or gratuities and personal use of KnowBe4 assets.

    Similarly, we do not use our positions or relationship with KnowBe4’s current or potential customers, partners, vendors, suppliers, consultants, or any other party that has a relationship with KnowBe4 for personal gain or to obtain benefits for family members.

    Evaluating whether a conflict of interest exists can be difficult and may involve a number of considerations. Before engaging in the activity or accepting something of value, we will obtain the required approvals. Our Conflict of Interest Policy has additional details on our approach to potential conflicts of interest.

    Corporate Opportunities

    Except as otherwise set forth in KnowBe4’s certificate of incorporation and bylaws, we owe a duty to KnowBe4 to advance KnowBe4’s business interests when the opportunity to do so arises. We are prohibited from taking, or directing to a third party to take, a business opportunity that is discovered through the use of corporate property, information or position, unless KnowBe4 has already been offered the opportunity and turned it down. We are further prohibited from competing with KnowBe4 directly or indirectly during our employment with KnowBe4 and as otherwise provided in any written agreement with KnowBe4.

    Fair Dealings

    We do not seek competitive advantages through illegal or unethical business practices. We deal fairly with KnowBe4’s customers, service providers, suppliers, competitors, business partners and employees, and do not take unfair advantage of anyone through manipulation, concealment, abuse of privileged information, misrepresentation of material facts or any unfair dealing practice.

    2. We Strive to Be the Best Place to Work

    We foster a culture of fun teamwork, transparency and career growth. We continuously develop the abilities of our employees, and evaluate performance objectively. We show mutual respect as we collaborate across cultures.

    Teamwork requires open communication. To strengthen the collaborative nature of our workplace, we offer an open (no door) workplace and foster an environment where everyone feels encouraged to express their ideas and opinions.

    Safe and Positive Work Environment

    To ensure that we maintain our great work environment, discrimination, harassment, retaliation, and/or violence in any form are strictly forbidden. We treat all colleagues in a respectful manner, forging working relationships that are uniformly free of bias and prejudice.

    We comply with applicable national, federal, state, and local laws forbidding discrimination in employment based on protected characteristics, such as on the basis of race, color, religion (including religious dress and grooming practices), age, national origin, ancestry, ethnicity, sex (including pregnancy, childbirth, breastfeeding or related medical conditions), gender (including gender identity, gender expression, transgender status or sexual stereotypes), sexual orientation, marital or family care status, status as a victim of domestic violence, sexual assault or stalking, military/veteran status, physical or mental disability, medical information (including genetic information or characteristics, including those of a family member), immigration status or citizenship status, political affiliation or membership in any other group protected by national, federal, state, or local law as it may vary by jurisdiction. We also comply with applicable national, federal, state, and local laws forbidding retaliation against individuals who engage in protected activity.

    No individual will suffer any reprisals or retaliation for making complaints or reporting any incidents of discrimination or perceived discrimination, or for participating in any investigation of incidents of discrimination or perceived discrimination.

    We are committed to maintaining a respectful workplace. This includes a working environment that is free from unlawful harassment based on protected characteristics, including sexual harassment. This applies to all work-related settings and activities, whether inside or outside the workplace, and includes business trips and business-related social events.

    Environment

    We are committed to environmentally sustainable business practices. Knowsters proactively seek to employ new, more sustainable technologies and processes to minimize our footprint on Earth.

    Human Rights

    We conduct our business with respect for human dignity. We support and stand behind the Universal Declaration of Human Rights and comply with all applicable laws, rules and regulations related to anti-human trafficking, anti-slavery, anti-forced labor and child labor. Equal and inalienable rights of all members of the human family is the foundation of freedom, justice and peace in the world. We believe in the promotion of universal respect for and observance of human rights and fundamental freedoms afforded to everyone. All human beings should be treated with decency, kindness and respect.

    3. We Protect KnowBe4’s Assets

    Being transparent is part of who we are. We share a great deal of confidential information across all levels of the organization. We have a responsibility to safeguard and make proper and efficient use of this and all our assets.

    Knowsters must work together to protect our tangible and intangible assets from loss, misuse, theft, embezzlement, damage or destruction. Similarly, they should be used solely for the benefit of KnowBe4 and never to promote an employee’s own interests or those of another person or company.

    The obligation to protect our assets includes KnowBe4’s intellectual property (IP) -our patents, copyrights, trademarks, trade secrets and know-how. Any improper downloading or other prohibited use or disclosure of such information can result in the loss of its value and may be deemed a misappropriation of our IP rights.

    In carrying out KnowBe4’s business, we may also learn confidential or proprietary information about KnowBe4, its customers, suppliers or business partners. Confidential or proprietary information of KnowBe4, and of other companies, includes any non-public information that would be harmful to the relevant company or useful to competitors if disclosed.

    We will maintain the confidentiality of information about KnowBe4 and other companies entrusted to us by KnowBe4, use the information only for permissible business purposes and in accordance with any restrictions imposed by the disclosing party, and limit dissemination of the confidential information, both inside and outside KnowBe4, to people who need to know the information for business purposes and who are bound by similar obligations of confidentiality, unless disclosure is authorized or legally mandated. The obligation to protect confidential information does not end when we leave KnowBe4.

    4. Financial Reports and Other Records – Disclosure

    We are responsible for the accurate and complete reporting of financial and operating information and for the timely notification to management of financial and non-financial information that may be material to KnowBe4 to ensure full, fair, accurate, timely and understandable disclosure in reports and documents that KnowBe4 files with government agencies or releases to the general public.

    We have familiarized ourselves with the disclosure requirements applicable to KnowBe4 and the business and financial operations of KnowBe4, and will not knowingly misrepresent, or cause others to misrepresent, facts about KnowBe4 to others, whether within or outside KnowBe4, including to KnowBe4’s independent auditors, governmental regulators and self-regulatory organizations.

    We maintain all of KnowBe4’s books, records, accounts and financial statements in reasonable detail, and reflect the matters to which they relate accurately, fairly and completely. Furthermore, we will ensure that all books, records, accounts and financial statements conform both to applicable legal requirements and to KnowBe4’s system of internal controls. We carefully and properly account for all assets of KnowBe4. We will not establish any undisclosed or unrecorded account or fund for any purpose. We will not make any false or misleading entries in KnowBe4’s books or records for any reason, or disburse any corporate funds or other corporate property without adequate supporting documentation and authorization. We will not misclassify transactions related to accounts, business units or accounting periods. We bear responsibility for ensuring that we are not party to a false or misleading accounting entry. We cooperate with all requests made to preserve or produce any documents, records, information, devices, computers, hardware, cell phones or other media. If a legal hold is placed on certain records, we must preserve and protect those records in accordance with instructions from the Legal Department. Records or supporting documents that are subject to a legal hold must not be destroyed, altered or modified under any circumstance. A legal hold remains effective until it is officially released in writing by the Legal Department.

    5. Speak Up

    We will speak up if things must be corrected or improved. We provide mechanisms for reporting, in good faith, suspected violations of the law. Such reports are treated as confidential to the extent reasonably possible for conducting an investigation, and we do not tolerate retaliation for reports made in good faith. Concerns are raised with local management. Should this not be possible or no satisfactory response is received, Knowsters may escalate a concern to the Compliance Officer. Reports may also be made using the Whistleblower Hotline. As Whistleblower laws vary by country, we encourage those reporting to follow the reporting procedures as lawful and customary in the jurisdiction in which they are reporting from.

    Mobile version: https://knowbe4.navexone.com/

    Investigations

    Reported violations will be promptly and thoroughly investigated. As a general matter, the Board will oversee investigations of potential violations by directors or executive officers, and the Legal Department will oversee investigations of potential violations by other employees. Making false statements to or otherwise misleading internal or external auditors, investigators, legal counsel, KnowBe4 representatives, regulators or other governmental entities may be grounds for immediate termination of employment or other relationship with KnowBe4 and also be a criminal act that can result in severe penalties.

    Disciplinary Actions

    Violations of this Code, or a refusal or failure to acknowledge it, may be subject to disciplinary action, up to and including termination of employment. Moreover, those who direct or approve of any conduct in violation of this Code, or who have knowledge of such conduct but do not immediately report it may also be subject to disciplinary action, up to and including termination of employment. A director who violates this Code or directs or approves conduct in violation of this Code shall be subject to action as determined by the Board.

    Furthermore, violations of some provisions of this Code are illegal and may subject individuals to civil and criminal liability.

    Disclosure

    Nothing in this Code limits or prohibits employees from engaging for a lawful purpose in any “Protected Activity.” “Protected Activity” means filing a charge or complaint, or otherwise communicating, cooperating or participating, with any state, federal or other governmental agency, including the Equal Employment Opportunity Commission and the National Labor Relations Board. Notwithstanding any other policies in this Code (or elsewhere), no authorization from KnowBe4 is required prior to disclosing information to, or communicating with, such agencies. “Protected Activity” does not include the disclosure of any KnowBe4 attorney-client privileged communications. Any such disclosure without KnowBe4’s written consent, violates KnowBe4 policy.

    6. Waivers and Amendments

    Any amendment or waiver of any provision of this Code must be approved in writing by the Board or, if appropriate, its delegate(s), and promptly disclosed pursuant to applicable laws and regulations. Any waiver or modification of this Code for
    the principal executive officer, principal financial officer, principal accounting     officer, controller, or any other persons performing similar functions in KnowBe4 will be promptly disclosed to stockholders if and as required by applicable law.

    KnowBe4 reserves the right to amend this Code at any time, for any reason, subject to applicable laws, rules and regulations.

    Get the latest about social engineering

    Subscribe to CyberheistNews